http://www.clusterresources.com/bugzilla/show_bug.cgi?id=84
Summary: Security bug on the way checkpoint is being handled
Product: TORQUE
Version: 2.4.x
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P5
Component: pbs_server
AssignedTo: glen.beane at gmail.com
ReportedBy: robinr at muohio.edu
CC: torquedev at supercluster.org
Estimated Hours: 0.0
Sequence of events:
1) user1 submitted a job with checkpoint enabled
2) user1 qhold it (i.e., checkpoints it),
3) pbs_server will create
/var/spool/torque/checkpoint/110760.torque.hpc.muohio.edu.CK/ and then
root at compute-node will do scp the checkpoint-context to
user1 at torque-server:/var/spool/torque/checkpoint/110760.torque.hpc.muohio.edu.CK/
The checkpoint directory right now is being created with 777 without the sticky
bit. As a side note, because user1 needs to write into the checkpoint dir
(because of the scp command), /var/spool/torque/checkpoint needs to be at least
others-executable.
This combination allows all other users to replace the user1's checkpoint file
under the check point dir. This presents a security risk.
A simple patch to job_func.c will fix this, in 2.4.10 source,
# diff ./job_func.c ./job_func.c.dist
1119c1119
< if ((mkdir(serverfile, 01777) == -1) && (errno != EEXIST))
---
> if ((mkdir(serverfile, 0777) == -1) && (errno != EEXIST))
Perhaps, other ways to fix it is to create 110760.torque.hpc.muohio.edu.CK with
user1 as owner and just 700 the 110760.torque.hpc.muohio.edu.CK directory.
--
Configure bugmail: http://www.clusterresources.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.